1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.permission;
24  
25  import com.liferay.portal.kernel.log.Log;
26  import com.liferay.portal.kernel.log.LogFactoryUtil;
27  import com.liferay.portal.model.User;
28  import com.liferay.portal.security.auth.PrincipalException;
29  import com.liferay.portal.security.permission.ActionKeys;
30  import com.liferay.portal.security.permission.PermissionChecker;
31  import com.liferay.portal.service.UserLocalServiceUtil;
32  import com.liferay.portal.util.PropsValues;
33  
34  /**
35   * <a href="UserPermissionImpl.java.html"><b><i>View Source</i></b></a>
36   *
37   * @author Charles May
38   * @author Jorge Ferrer
39   */
40  public class UserPermissionImpl implements UserPermission {
41  
42      public void check(
43              PermissionChecker permissionChecker, long userId, String actionId)
44          throws PrincipalException {
45  
46          if (!contains(permissionChecker, userId, actionId)) {
47              throw new PrincipalException();
48          }
49      }
50  
51      /**
52       * @deprecated
53       */
54      public void check(
55              PermissionChecker permissionChecker, long userId,
56              long organizationId, long locationId, String actionId)
57          throws PrincipalException {
58  
59          check(
60              permissionChecker, userId, new long[] {organizationId, locationId},
61              actionId);
62      }
63  
64      public void check(
65              PermissionChecker permissionChecker, long userId,
66              long[] organizationIds, String actionId)
67          throws PrincipalException {
68  
69          if (!contains(
70                  permissionChecker, userId, organizationIds, actionId)) {
71  
72              throw new PrincipalException();
73          }
74      }
75  
76      public boolean contains(
77          PermissionChecker permissionChecker, long userId, String actionId) {
78  
79          return contains(permissionChecker, userId, null, actionId);
80      }
81  
82      /**
83       * @deprecated
84       */
85      public boolean contains(
86          PermissionChecker permissionChecker, long userId, long organizationId,
87          long locationId, String actionId) {
88  
89          return contains(
90              permissionChecker, userId, new long[] {organizationId, locationId},
91              actionId);
92      }
93  
94      public boolean contains(
95          PermissionChecker permissionChecker, long userId,
96          long[] organizationIds, String actionId) {
97  
98          if (((PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5 ||
99                PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) &&
100              (permissionChecker.hasOwnerPermission(
101                 permissionChecker.getCompanyId(), User.class.getName(), userId,
102                 userId, actionId))) ||
103             (permissionChecker.getUserId() == userId)) {
104 
105             return true;
106         }
107         else if (permissionChecker.hasPermission(
108                     0, User.class.getName(), userId, actionId)) {
109 
110             return true;
111         }
112         else {
113             try {
114                 if (organizationIds == null) {
115                     User user = UserLocalServiceUtil.getUserById(userId);
116 
117                     organizationIds = user.getOrganizationIds();
118                 }
119 
120                 for (int i = 0; i < organizationIds.length; i++) {
121                     long organizationId = organizationIds[i];
122 
123                     if (OrganizationPermissionUtil.contains(
124                             permissionChecker, organizationId,
125                             ActionKeys.MANAGE_USERS)) {
126 
127                         return true;
128                     }
129                 }
130             }
131             catch (Exception e) {
132                 _log.error(e, e);
133             }
134         }
135 
136         return false;
137     }
138 
139     private static Log _log = LogFactoryUtil.getLog(UserPermissionImpl.class);
140 
141 }